= 2) { $userinfo= explode(":", base64_decode($tags[1])) ; if (count($userinfo)>=2) { if (authenticate_user($userinfo[0], $userinfo[1])) { $aclObj = new \OPNsense\Core\ACL(); return $aclObj->isPageAccessible($userinfo[0], "/xmlrpc.php"); } } } // not authenticated return false; } /** * Simple XML-RPC server using IXR_Library */ if (!isset($_SERVER['HTTP_AUTHORIZATION']) || // check for a auth header !http_basic_auth($_SERVER['HTTP_AUTHORIZATION']) || // user authentication failure (basic auth) $_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR'] // do not accept request from servers own address ) { // Authentication failure, bail out. $xml = << Authentication failed EOD; $xml = ''."\n".$xml; $length = strlen($xml); header('Connection: close'); header('Content-Length: '.$length); header('Content-Type: text/xml'); header('Date: '.date('r')); echo $xml; } else { $server = new XMLRPCServer(); $server->start(); }